SB2018123001 - OpenSUSE Linux update for libraw

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018123001

SB2018123001 - OpenSUSE Linux update for libraw

Published: December 30, 2018

Security Bulletin ID SB2018123001
Severity
Low
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Type confusion (CVE-ID: CVE-2018-5804)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The vulnerability exists due to type confusion error within the "identify()" function (internal/dcraw_common.cpp). A local attacker can supply a specially crafted input, trigger divide by zero error and cause the service to crash.


2) Stack-based buffer overflow (CVE-ID: CVE-2018-5805)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to stack-based buffer overflow within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp). A local attacker can submit specially crafted images, trigger memory corruption and cause the service to crash.

3) NULL pointer dereference (CVE-ID: CVE-2018-5806)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp).  A local attacker can submit specially crafted images, trigger NULL pointer dereference and cause the service to crash.

4) Stack-based buffer overflow (CVE-ID: CVE-2018-5808)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the find_green() function, as defined in the internal/dcraw_common.cpp source code file in LibRaw versions prior to 0.18.9. A remote attacker can trick the victim into processing a specially crafted input, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


5) Infinite loop (CVE-ID: CVE-2018-5816)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to a divide by zero integer overflow condition in the identify() function, as defined in the internal/dcraw_common.cpp source code file in LibRaw versions prior to 0.18.12. A remote attacker can trick the victim into processing a specially crafted NOKIARAW file, trigger an infinite loop condition and cause the service to crash.


Remediation

Install update from vendor's website.

References